Which classification of IDS/IPS uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?

Which classification of IDS/IPS uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?
A . Statistical-based
B. Knowledge-based
C. Behavior-based
D. Anomaly-based

Answer: B

Explanation:

A knowledge-based system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts. These types of systems have lower false-alarm rates than behavior-based systems but must be continually updated with new attack signatures to be effective.

A behavior-based system uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt. These types of systems are more adaptive than knowledge-based systems and therefore may be more effective in detecting previously unknown vulnerabilities and attacks, but they have a much higher false-positive rate than knowledge-based systems.

Latest PCCET Dumps Valid Version with 75 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments